Column (i): Indicate the form on which the data referred to is stored. Use the following categories: Eye: Eye Readable. Mach: Machine Readable. Either: Either. Column (j): Indicate how the information referred to may be retrieved: Mnly: Manually Retrieved. Cmpt: Computer Retrieved. CODE FOR REPORTING TYPES OF INFORMATION IN COLUMN (A) Education: 26. Highest grade completed or degree (s) earned. 27. Grade average or class standing. 28. Knowledge of foreign languages. Employment and occupation: 29. Occupation: current and/or past. 30. Employment status and history. 31. Occupational licenses and certifications held. 33. Recommendations and references. Legal and investigational information: 34. Police Record. 35. Security or other investigative reports. 36. Involvement in civil or criminal court action. Inventory of information on individuals in the records of Federal agencies Upon receipt of the agency answers, the Subcommittee arranged with the General Accounting Office to borrow the services of one of their Supervisory Accountants, Mr. John H. Carney. Mr. Carney performed a most valuable function by collating and compiling all of the information. A memorandum summarizing Mr. Carney's work follows (the views expressed in this memorandum are the views of Mr. Carney and do not necessarily represent either those of the General Accounting Office or of the Senate Subcommittee on Administrative Practice and Procedure): MEMORANDUM To: Benny Kass, Assistant Counsel, Subcommittee on Administrative Practice and Procedure From: John H. Carney, Supervisory Accountant, General Accounting Office Subject: Summary of work performed in the analysis of Senate Questionnaire My objective in undertaking this project was to review and analyze in detail the completed Senate questionnaires returned by the various Federal Departments; Independent Agencies; and selected Boards, Committees and Commissions and designed to obtain information currently maintained about identifiable individuals in the files of Federal agencies in order to evaluate this information and determine whether or not excessive data is required and obtained from individuals. Since the rapid advancement in computer technology has created the definite possibility for a National Data Center, there is an ever-growing concern that the individual citizen's privacy can and will be invaded. By the mere push of a button, it will be entirely possible to coordinate information from various sources on a given individual and obtain a "cradle-to-the grave" report about him. Naturally, having the ability to coordinate this information has unlimited statistical merit, but a happy medium between these two computer potentials must be reached. In light of the above, I received and analyzed the questionnaire returns and the following general observations should be made: (1) Government contractors, consultants, and their employees are required to submit such information as the birthplace of parents, income, legal, investigational, and health data as a condition to securing a potential job and in some cases, no confidentiality is extended on this data. (2) The Selective Service System requires all registrants under the Universal Military Training and Service Act to supply legal and investigational information such as police records, security or other investigative reports, and any involvement in civil and criminal court action. All additional information such as religious or financial information is only required from those registrants seeking a deferment for such reason. (3) Certain agencies require their top or key employees to furnish certain financial information on a "Statement of Employment and Financial Interest”. (4) Forms 57, credit reports, and agency personnel files contain an excessive amount of information about an individual such as the birthplace of his parents, his income and assets, and certain health information such as a personality inventory and alcoholism or drug addiction traits. (5) Most medical and police forms require the individual to list his race. This would be permissable if it is used for statitical purposes only. (6) Security clearance tend to require the individual to list most of the information cited in the questionnaire. However, since the individuals securing a clearance will have access to classified records, it is essential that this detailed information be obtained. (7) Applicants for the Government's various grants and fellowships are required to usually divulge their police record, security or other investigative reports, and any involvement in ciivl or criminal court action. This information appears to be excessive and nonessential as long as all academic requirements are fulfilled. CONCLUSIONS AND RECOMMENDATIONS It appears that the majority of Government forms require either nonessential or too detailed information from the individual citizen. However, for the following two reasons, the results achieved through a thorough examination of Government forms could not justify the work that would have to be performed, unless it could be statistically programmed for computer use: (1) The various forms are too voluminous; (2) one would have to have a good working knowledge of both the agency and the purpose of each form in order to evaluate it adequately. Also, in concluding, some mention should be made on the use of the confidentiality with respect to the Government's handling of data obtained from the individual. In many instances, the individual is required either on a mandatory or conditional basis to complete certain forms; however, the limits of confidentiality have been either non-existent or a pledge not to disclose outside the Government has been given. This pledge cannot be too meaningful since the Government is quite a large organization. Based on the above conclusions, I recommend that this project be directed to general trends in Government data collection methods (agency forms) rather than become "bogged down” in specific agency forms. Also, it should be suggested to the various Federal agencies that they take a hard look at their statutes or other agency regulations pertaining to confidentiality standards in order to determine that the maximum protection is being afforded the individual with respect to the personal data which he has surrendered. (A committee print is now being prepared which will give in detail the departments' and agencies responses to the subcommittee questionnaire.) Hon. EDWARD V. LONG, NATIONAL ASSOCIATION OF MANUFACTURERS, Chairman, Administrative Practices and Procedures Subcommittee, DEAR MR. CHAIRMAN: In response to a public notice of the Federal Communications Commission that it was launching an inquiry re computers, NAM wrote Chairman Rosel Hyde, November 11, 1966, that it "welcomed the opportunity to participate." Our letter pointed out that industry felt adequate safeguards to protect individual privacy and proprietary information should be built in to any proposal to set up a Government data bank. Subsequently, NAM established a Computer Subcommittee of its Telecommunications Committee, composed of industrial experts in this field, to prepare for participation in the FCC inquiry. It is our sincere belief, since the FCC is engaging in an inquiry regarding the regulation and use of computers, that the protection of individual privacy and proprietary information should be high on the list of considerations given exhaustive study. We will continue efforts to impress the importance of this matter upon the attention of the FCC as its inquiry progresses. We know the Subcommittee of which you are Chairman is also vitally interested in this consideration, and it has occurred to us, accordingly, that you may wish to advise the FCC that Congress, and especially your Committee, is interested in having this matter fully explored by FCC as a logical and necessary part of its inquiry. Such a declaration of interest, we feel certain, would do much to insure desired attention. Your assistance is respectfully requested and will be much appreciated. Sincerely, LEO V. BODINE. P.S.-Enclosed, for your information, is copy of a report by C. L. Hutchinson, Chairman of the NAM Computer Subcommittee, on his recent participation in a symposium held at Airlie. REPORT BY C. L. HUTCHINSON, AFIPS CONFERENCE, AIRLIE FOUNDATION, WARRENTON, Va., March 5, 6, 7, 1967 This conference, sponsored by the American Federation of Information Processing Societies (AFIPS), was devoted to probing the relationships between the issue of individual privacy and the idea of at National Data Center or Data Bank. The legal, legislative, sociological, economic, administrative and, to a limited degree, the technological aspects were discussed by qualified representatives from the fields involved. A list of the attendees is attached. Most of the discussions covered subjects which had appeared in print previously in one form or another. The outstanding value of the conference lay in the fact that the many aspects of the problem were related to each other and evaluated in an overall context. The Airlie Conference was primarily concerned with the issues of privacy in the proposed National Data Center. The parallel problem of privacy in the business environment, which is at least of equal importance, was not considered in any detail. BACKGROUND The National Data Center concept is of recent origin since it is based on current advances in computer technology and information systems. The concept was advanced by Richard Ruggles, a Yale University economist in his capacity as chairman of a committe of the Social Science Research Council. A copy of the Ruggles Report was presented to the Bureau of the Budget which then assigned Edgar S. Dunn, Jr., a consultant, to evaluate the report. His evaluation is known as the "Dunn Report". Later, the Bureau named a committee chaired by Carl Kaysen of the Institute for Advanced Study to report on the "Storage of and Access to Government Statistics". The report of this committee is known as the "Kaysen Report". All three reports recommended the creation of a National Data Center or Data Bank. Publicity concerning the concept created a furor over the possibility of invasion of individual privacy and led to an investigation by a subcommittee of the House Committee on Government Operations. Cornelius E. Gallagher is chairman of this subcommittee which held hearings in July 1966 on "The Computer and Invasion of Privacy" and is continuing its surveillance. CURRENT STATUS The concept of a National Data Center to improve the collection, storage, manipulation, and retrieval of government statistics has much to recommend it if invasion of privacy can be and will be adequately protected. However, no comprehensive study has yet been completed to determine cost effectiveness, improved usefulness, or in fact, just how such a system would be implemented. Current technology, however, is such that a National Data Center could be implemented. It would be a very large undertaking that would require many years to complete. The degree to which invasion of individual privacy can be prevented in a National Data Center has not yet been clearly established. Under the present government systems such protection is left largely to the individual agencies respon sible for the data they manage. The effectiveness of this control appears to vary widely between different agencies. The various aspects of the problem are outlined in the summary of the AFIPS meeting. The Bureau of the Budget is probably the prime mover toward the establishment of a National Data Center. This stems, of course, from its primary mission and its involvement in statistical systems development. Social scientists and economists have been very active furthering the project on the basis that improved data management is needed to provide better and more current information for government decision making. The Gallagher Committee is closely following the legislative aspects of current developments being made toward a National Data Center. Requirements for legislative action will certainly be thoroughly investigated by the able members of this committee. National Data Center requirements for coordination among federal, state, and municipal governments have as yet been given little consideration. The protection of corporate information in a National Data Center has also received very little consideration and should perhaps be brought to the attention of the Gallagher Committee. The subject of privacy in the business environment is being investigated by the Federal Communications Commission under Docket 16979. Perhaps this also should be brought under the purview of the Gallagher Committee. SUMMARY OF DISCUSSIONS AT AIRLIE The subjects covered in the discussions of the AFIPS Committee meeting at the Airlie Foundation will be presented at the Spring Eastern Joint Computer Conference at Atlantic City. The following summary is an attempt to highlight the discussions in terms of the interests of the NAM Computer Subcommittee. The projected National Data Center proposes the centralization of data collection, storage, manipulation and retrieval now done by many federal departments and bureaus. Anticipated benefits include speeding up of information flow, increased availability in more usable forms, and decreased governmental costs. It is generally conceded that these benefits could be realized and that the technology exists to implement such a system. However, no substantial systems study has been made to evaluate such benefits nor, in fact, has there been a comprehensive study to determine how a National Data Center could or should be implemented. There are some indications that steps toward such a system may be taken prior to any comprehensive studies. The possible invasion of individual privacy posed by the establishment of a National Data Center was not even considered in the Ruggles and Dunn Reports. Realization of the dangers involved has now made this the overriding issue of the whole controversy. The threat arises from the centralization of information that could increase the possibly of the establishment of dossiers on each citizen. Privacy is a fundamental freedom and an unquestioned constitutional right that must not be abrogated. The emphasis, therefore, has shifted almost entirely to consideration of means to protect individual privacy if a National Data Center were to be established. It should be noted that the problem exists to an unknown degree in the present government data systems. Some protection is presently afforded by the fact that information concerning an individual is scattered in so many different places. However, with a National Data Center such information could be easily assembled unless access to data is adequately protected. It is generally conceded that complete protection is impossible of attainment and that system costs will increase as the degree of protection is increase. A figure of 10 to 40 percent additional system cost was mentioned. Protection may be considered in two broad types, (a) those that stem from the design and tcehnical characteristics of the system, and (b) those established by statutory means or administrative order. It has been said that information systems can be made fool-proof but not smart-proof. Possible safeguards in technical system design include a. Measures to prevent bugging in both the computer and communications areas. b. Encrypting of data sufficient to discourage unauthorized retrieval. c. Equipping of memories and data files with key codes to prevent unauthorized insertions and retrievals. |